How to configure the Password Server with SSL (IIS 7)

It is HIGHLY recommended that all communications between a user’s browser and the AuthAnvil Password Server be done over a secure socket layer (SSL) connection. To accomplish this, a SSL certificate must be installed on the IIS server where the AuthAnvil Password Server resides.

We recommend using a trusted public CA – such as Verisign, Inc – to obtain the certificate. This solution is particularly good if you want to enable secure communications for authentication agents over the public Internet, where your AuthAnvil Password Server will be exposed publicly.

To enable SSL for the AuthAnvil Password Server website after you have a certificate installed in IIS, follow these steps:

Launch the IIS Manager, and expand “Sites”.

Click on the website where the AuthAnvil Password Server is installed and click “Bindings…” under the actions menu.

Click “Add…”

Change the type from “http” to “https”, set your IP address and port, and chose a certificate from the “SSL certificate” dropdown menu.

Click “OK” and then “Close” to apply the binding.

Now test if secure communications with SSL are working by attempting to connect to the AuthAnvil Password Server website (https://passwordserver.yourdomain.com/aaps), and making sure that you can successfully connect with no certificate errors.

To re-configure the Password Server Service URL please see this article.

Note: As of Password Server v2.5 this service URL will automatically be configured to use HTTPS. Upgrade now using this Guide. See the v2.5 release notes here.